A UK view on Cyber, Information & IT Security by Security Expert Dave Whitelegg. Providing advice and explaining security for everyone, and also contemplating advanced themes and future trends in security.
With a focus on all the latest developments & issues within the UK Information Security space such as Hacking, DDoS, Botnets, Malware, Identity Theft, Data Protection (DPA) and regulatory compliance like PCI DSS & ISO27001:2013, all will be explained in an easy to understand way.

Tuesday, 15 May 2007

Home Network Security Scrutinised

I found the following article on the BBC news website, which happens to be exactly what I had been talking about in my presentations this week. None of the findings are surprising to me, but I find many people I talk with are in the dark about digital security. Anyway, I thought I'd write this post about it and start my own blog.

Home computer users who leave default passwords on network hardware unchanged could be at risk from attack say security experts. Researchers created an attack that surreptitiously redirects a user to nefarious sites once they have visited a booby-trapped webpage.

The attack works by re-writing the address book in network hardware to point victims to the scam sites.

The theoretical attack was explored in a paper written by researchers from the University of Indiana and security firm Symantec.

In the paper the authors detail how to compromise the routers many people use to share broadband connections between machines in their home.

Making changes to a router's set-up requires the use of an administrative password, but the researchers said informal studies suggest that about half of router owners never change the default.

Their paper shows how a booby-trapped webpage could use these default passwords and JavaScript - a technology enabled on 95% of computers - to change a router's DNS settings.

The Domain Name System (DNS) turns the web names that humans use into the numeric form that computers prefer. By compromising the router, malicious hackers could make it direct people to fake address books.

Phish Pharming

These fake DNS servers could redirect users to counterfeit banking, e-mail, or government sites which then collect sensitive details like account numbers, usernames, and passwords.

Phishing attacks, where users believe they are on a legitimate site when actually connected to a bogus one, are not new. However, these schemes are usually limited to individual pages.

This method would let hackers do wholesale phishing, called pharming, by redirecting every web address to illegitimate servers that either collect information or attempt to install malicious software.

"Fortunately, this attack is easy to defend against," one of the paper's authors, Zulfikar Ramzan, said on his blog.

To protect from a pharming attack of this sort, the paper recommends that users change the default administrative password on their router.

Alternatively, they can put other DNS information into each computer on their network. Source
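Because the attack described above works by changing the DNS servers in use, a host can check whether its configured resolvers are still the ones it expects. The following is an added example, not part of the original post or the BBC article; it assumes a Unix-style `resolv.conf` format, and the expected resolver list and the sample file contents are constructed from documentation address ranges.

```python
"""Flag DNS resolvers on a host that are not on an expected list."""
import ipaddress

# Assumption: the resolvers this network is supposed to use. The addresses are
# constructed examples from documentation ranges (RFC 5737 / RFC 3849).
EXPECTED_RESOLVERS = {"192.0.2.53", "2001:db8::53"}

# Constructed sample of a resolv.conf after the router's DNS setting was changed.
SAMPLE_RESOLV_CONF = """\
# Generated by DHCP client
search home.example
nameserver 192.0.2.53
nameserver 203.0.113.66   # not one of ours
nameserver 2001:DB8:0:0::53
nameserver not-an-ip
"""


def parse_nameservers(text):
    """Return (valid, malformed): normalised resolver IPs and unparseable entries."""
    valid, malformed = [], []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].split(";", 1)[0].strip()
        fields = line.split()
        if len(fields) < 2 or fields[0] != "nameserver":
            continue
        try:
            # Normalise so "2001:DB8:0:0::53" compares equal to "2001:db8::53".
            valid.append(str(ipaddress.ip_address(fields[1].split("%")[0])))
        except ValueError:
            malformed.append(fields[1])
    return valid, malformed


def audit_resolvers(text, expected=EXPECTED_RESOLVERS):
    """Return resolvers that are configured but not on the expected list."""
    allowed = {str(ipaddress.ip_address(a)) for a in expected}
    valid, malformed = parse_nameservers(text)
    unexpected = [ip for ip in valid if ip not in allowed]
    return {"unexpected": unexpected, "malformed": malformed,
            "ok": bool(valid) and not unexpected and not malformed}


if __name__ == "__main__":
    print(audit_resolvers(SAMPLE_RESOLV_CONF))
```

An empty resolver list is reported as not ok, since a host with no parseable `nameserver` line cannot be confirmed to use an expected resolver.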


All original content copyright David Whitelegg 2007-2016. You may not use any original content with.